[Freeipa-users] who did what on IPAv3 - auditing
Ernedin Zajko
ezajko at root.ba
Tue Jul 26 11:51:07 UTC 2016
Hi Stefan,
have you seen this:
https://access.redhat.com/solutions/772563
regards,
--- Ernedin ZAJKO
ezajko at root.ba
> 340282366920938463463374607431768211456
On Tue, Jul 26, 2016 at 12:45 PM, Stefan Uygur
<suygur at firstderivatives.com> wrote:
> This is the case I am after just to be more precise:
>
> https://access.redhat.com/solutions/441893
>
>
>
> It was requested 3yrs ago but no follow up so far.
>
>
>
> From: Stefan Uygur
> Sent: 26 July 2016 11:18
> To: freeipa-users at redhat.com
> Subject: who did what on IPAv3 - auditing
>
>
>
> Hi all,
>
> Still around the auditing problem with IPA, it seems the part related to
> auditing is completely missing in IPA and that is not really good.
>
>
>
> For instance, to find out who did what, who added or modified the
> permissions or users or sudo rules, etc, all this need auditing and it needs
> to be proof of concept.
>
>
>
> I don’t see IPA being very friendly with auditing part, although IPA is a
> central identity management system, which means auditing is all over IPA. I
> am surprised that this part is missing.
>
>
>
> There is a page suggests to set up central login:
> http://www.freeipa.org/page/Centralized_Logging
>
>
>
> With a combination of multiple logs, but I have checked accurately the logs,
> I still can’t find out say, who added user John Doe in date 21 July 2016 at
> 11.35.
>
>
>
> Has anybody in the list experienced or set up such solution where the IPA
> server activity is tracked down?
>
>
>
> Stefan
>
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list